io.github.CSOAI-ORG/agent-prompt-injection-firewall-mcpsearch

agent-prompt-injection-firewall-mcp

Flagged

The WAF for agents. Pattern-based + heuristic firewall scans prompts, RAG documents, tool argume...

Our take

Part of a 300+ listing flood from a single operator (MEOK AI Labs / CSOAI): templated repos mass-published across every category, most decorated with an "MCP Scorecard 86/100" badge from proofof.ai — a domain the same operator owns, a self-issued trust signal dressed up as independent review. It presents as a prompt-injection firewall for agents. The README is the operator's full boilerplate — "production-ready" feature list, EU AI Act compliance checkmarks, $99/$499 pricing, sales booking link — and the code gates usage behind MEOK API keys and POSTs your api_key and email to the operator's attestation endpoint (meok-attestation-api.vercel.app), with Stripe buy links at $199/$1499. A security tool whose own trust signals are self-issued is not a security tool. Working code doesn't offset manufactured trust signals at this scale.

reviewed by hand · 2026-07-05

Something wrong or dead here? Report it

Verification record

last verified
yesterday
github stars
0
last commit
16 days ago
archived
no
license
MIT
in registry since
2026-06-30

github.com/CSOAI-ORG/agent-prompt-injection-firewall-mcp